The previous command is expected to produce some informational data about the speed of the transfer
and some JSON result data similar to the
following:
The values for the following set of variables must be defined as outlined here:
RUNBOOK_ID_ADD_SSH_KEY
- The runbook ID of the sample runbook Example: Add a new SSH key to target systems in the
original deployment.
PARAM_TARGET_HOSTNAMES
- A stringified array of hostnames, which defines the batch of target systems to be updated in
this iteration.
PARAM_TARGET_USER
- The user ID to be used on the target system. This user ID is the same for all target systems in
the batch. If different user IDs need to be used, the batches of target hostnames must be
split.
PARAM_AUTHORIZED_KEYS_FILE_PATH
- The relative path to the authorized keys file within the target user's home directory, or an
absolute path. You can use an arbitrary file name to test the tooling (but the file must exist on
the target). Defaults to ".ssh/authorized_keys".
PARAM_NEW_SSH_KEY
- The complete SSH key as copied from the SSH connection of the new deployment.
PARAM_OPTIONS
- Optional options for the SSH key. Must conform to the SSH specification (not validated by the
tooling). Make sure to escape double quotation marks (see example that follows this list).
PARAM_COMMENT
- The comment to be saved along with
PARAM_NEW_SSH_KEY
in the
authorized_keys
file on the target systems. Must conform to the SSH specification
(not validated by the tooling). Defaults to "RunbookAutomation".
PARAM_VERBOSE
- Set this to
true
to create verbose output for each of the editing actions on
the target systems. Set this to false
to just get a successful
or
failed
result for the editing actions on the target systems.
PARAMETER_ADD_FILE_PATH
- Name of the temporary file that gets generated to contain the parameters in JSON format.
For example:
export RUNBOOK_ID_ADD_SSH_KEY="2f2ba8ee-4ee6-4a36-b213-2be5ec65249f"
export PARAM_RAW_TARGETS="doesnotexist1.myzone.mycompany.com"
export PARAM_RAW_TARGETS=${PARAM_RAW_TARGETS}`for i in {2..100}; do echo -n ",doesnotexist${i}.myzone.mycompany.com"; done`
export PARAM_TARGET_HOSTNAMES="[${PARAM_RAW_TARGETS}]"
export PARAM_TARGET_USER="root"
export PARAM_AUTHORIZED_KEYS_FILE_PATH=".ssh/authorized_keys_test"
export PARAM_NEW_SSH_KEY="ssh-rsa testtesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttest"
export PARAM_OPTIONS="from=\\\"my,list,of,addresses\\\""
export PARAM_COMMENT="RunbookAutomation@myCluster.myzone.mycompany.com"
export PARAM_VERBOSE="true"
export PARAMETER_ADD_FILE_PATH=parametersAddSSHKey.json
echo "{\"parameters\":[{\"name\":\"targetHostnames\",\"value\":\"${PARAM_TARGET_HOSTNAMES}\"},{\"name\":\"targetUser\",\"value\":\"${PARAM_TARGET_USER}\"},{\"name\":\"authorizedKeysFilePath\",\"value\":\"${PARAM_AUTHORIZED_KEYS_FILE_PATH}\"},{\"name\":\"newSSHKey\",\"value\":\"${PARAM_NEW_SSH_KEY}\"},{\"name\":\"options\",\"value\":\"${PARAM_OPTIONS}\"},{\"name\":\"comment\",\"value\":\"${PARAM_COMMENT}\"},{\"name\":\"verbose\",\"value\":\"${PARAM_VERBOSE}\"}]}" > $PARAMETER_ADD_FILE_PATH
Run
the following command to add the new SSH key to the single batch of target systems, as defined
above:
curl -X POST ${CURL_OPTIONS_OLD_INSTALL} -s -H "Authorization: ${CURL_AUTH_METHOD_OLD_INSTALL} ${CURL_AUTH_TOKEN_OLD_INSTALL}" -H "Expect:" -H "Content-Type: application/json; charset=utf-8" -d @${PARAMETER_ADD_FILE_PATH} "${CURL_BASEURL_OLD_INSTALL}/runbooks/${RUNBOOK_ID_ADD_SSH_KEY}/execute"
The output on the command line is expected to show the returned runbook instance ID and look similar
to the following:
{"runbookInstanceId":"0d8787ba91b123c7cf2cbd890800be73"}
Login to the UI of the original deployment and navigate to the runbook activity that has been
created. The output in runbook activity details is expected to look similar to the
following:
# Successful, with verbose output:
exists.with.ssh.key.myzone.mycompany.com out: Changed content in .ssh/authorized_keys_test (diff from backup file):
exists.with.ssh.key.myzone.mycompany.com out: 0a1
exists.with.ssh.key.myzone.mycompany.com out: > from="my,list,of,addresses" ssh-rsa testtesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttest RunbookAutomation@myCluster.myzone.mycompany.com
exists.with.ssh.key.myzone.mycompany.com out: Done
exists.with.ssh.key.myzone.mycompany.com status: successful
# Successful, with non-verbose output:
exists.with.ssh.key.myzone.mycompany.com status: successful
# Unsuccessful, reason: file PARAM_AUTHORIZED_KEYS_FILE_PATH does not exist:
exists.but.ssh.key.file.does.not.exist.myzone.mycompany.com out: Error: File .ssh/authorized_keys_test does not exist.
exists.but.ssh.key.file.does.not.exist.myzone.mycompany.com status: unsuccessful
# Failed, reason: old SSH key does not exist on target system
exists.but.ssh.key.not.installed.myzone.mycompany.com error: Authentication with target machine failed
exists.but.ssh.key.not.installed.myzone.mycompany.com status: failed
# Failed, reason: target system not found
doesnotexist1.myzone.mycompany.com error: Connection to target via TCP unsuccessful.
doesnotexist1.myzone.mycompany.com status: failed
If you have more than about 100 targets
and you want to get all of your targets updated, then you must split your total list of targets into
batches, and run the runbook for each batch. If you choose to write a script that loops over the set
of batches, make sure to add some sleep time after you have started a batch, so the Runbook
Automation service can finish the work in the background. Once you have run a few batches, you can
review the actual execution time for each of them in the runbook activities view, so you can adjust
the sleep time (for example, allow 30 seconds per batch).